Report Overview
Submitted URL
www.shellterproject.com/Downloads/Shellter/Old/Shellter_v2.1.zip
IP
38.242.134.114
ASN
#51167 Contabo GmbH
Submitted
2024-05-03 22:53:42
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
www.shellterproject.com | unknown | 2014-04-23 | 2017-02-25 | 2024-04-18 | 518 B | 282 kB | 38.242.134.114 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
Scan Date | Severity | Indicator | Alert |
---|---|---|---|
2024-05-03 | medium | www.shellterproject.com/Downloads/Shellter/Old/Shellter_v2.1.zip | Hunting_Rule_ShikataGaNai |
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
www.shellterproject.com/Downloads/Shellter/Old/Shellter_v2.1.zip
IP
38.242.134.114
ASN
#51167 Contabo GmbH
File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
281 kB (281277 bytes)
Hash
2a667ebb781c1fe31e0f75670e8a90b1
2ff231aa95d55f99c1d91e9ab863430c930361fc
Archive (11)
Filename | Md5 | File type | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
faq.txt | 46960c1988267c692f0aada86aaed8a7 | ASCII text, with CRLF line terminators | |||||||||
shellter.ico | 7110599992da5de30f20e8d00a0039ae | MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel | |||||||||
license.txt | 7fca865c806dac9a82b19e021337daaa | ASCII text, with CRLF line terminators | |||||||||
readme.txt | 8296581a08bdb23ca47b583acbebd9d7 | ASCII text, with CRLF line terminators | |||||||||
calc | b69936d29c02434eca5b59fa4ddcf77c
| data | |||||||||
calcenc | 8504412d24964408a78c39b17db1783b
| data | |||||||||
info.txt | b726d7919cab63facf1795499b454e9e | ASCII text, with CRLF line terminators | |||||||||
krb1 | 774a5c3d26017c021619247fa7c3e579 | data | |||||||||
krb3 | e9fd96d1a9f83de90511ba8b31d71a63
| data | |||||||||
shellter.exe | 7181ece9b6828a34aace2e773b8b8aee
| PE32 executable (console) Intel 80386, for MS Windows, 5 sections | |||||||||
version_history.txt | 8c0b1e95f8a5e6f83718a55877be4bf2 | ASCII text, with CRLF line terminators |
Detections
Analyzer | Verdict | Alert |
---|---|---|
YARAhub by abuse.ch | malware | meth_peb_parsing |
Elastic Security YARA Rules | malware | Windows.Shellcode.Generic |
Elastic Security YARA Rules | malware | Windows.Trojan.Metasploit |
YARAhub by abuse.ch | malware | meth_get_eip |
Public Nextron YARA rules | malware | Hunting_Rule_ShikataGaNai |
YARAhub by abuse.ch | malware | meth_stackstrings |
Public Nextron YARA rules | malware | Hunting_Rule_ShikataGaNai |
VirusTotal | suspicious |
JavaScript (0)
HTTP Transactions (1)
URL | IP | Response | Size | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
www.shellterproject.com/Downloads/Shellter/Old/Shellter_v2.1.zip | 38.242.134.114 | 200 OK | 281 kB | ||||||||||
Detections
HTTP Headers
| |||||||||||||